How to change SSH port on Linux Cloud Servers

2020-05-22 By Ryan 27 Views linux ssh port
0 reviews

SSH (Secure shell) is a cryptographic network protocol used to connect to a remote server securely and it transfer the data in encrypted form between the host and the client.

The default TCP port for SSH is 22, and by changing this default port to the other, it can prevent automated bots and malicious users from being brutally forced into the server.


Before changing the default SSH port number, can check the current port with the below command.

# netstat -ntlp | grep ssh

sshport1


This guide will describe the steps to change the SSH port and add the new custom SSH port in the firewall in the Linux server.


To change the SSH port


  1. Open the main SSH daemon configuration file /etc/ssh/sshd_config.

    # vi /etc/ssh/sshd_config
    
  2. Now search line begins with Port 22 and add hashtag (#) in front of that line. Then add a new Port line below with the custom port as shown in the image.

    sshport2

    Note: Replace the sample port number 2223 with the custom port number that needs to be set.

  3. Save and exit.


To add the new custom SSH port in the server firewall


  1. To set up firewall with UFW ( Ubuntu/Debian ).

    # ufw allow 2223/tcp
    

    sshport3

  2. To add in IPTables and verify ( All Linux OS ).

    # iptables -A INPUT -m state --state NEW -m tcp -p tcp --dport 2223 -j ACCEPT
    
    # iptables -L
    

    sshport4

  3. To add in FirewallD ( CentOS 7/8 ).

    # firewall-cmd --permanent --zone=public --add-port=2223/tcp
    
    # firewall-cmd --reload
    

    sshport5

    Note: Replace the sample port number 2223 with the custom port number that needs to be set.


Restart the SSH daemon for the changes to take effect


Run the below commands to restart the SSH daemon and verify that the port changed.

# systemctl restart sshd

# netstat -ntlp | grep ssh

sshport6


Related Tutorials

What do you think about this article?

Rate this article